Re: Can You Prevent Some Users From Telneting to their Accounts?

Subject: Re: Can You Prevent Some Users From Telneting to their Accounts?
From: Dennis Murphy (
Date: Sun Oct 17 1999 - 23:40:52 MDT

It's very easy, actually.

Just change their shell in /etc/passwd to something else, like /bin/false

For example, change:

dmurphy:x:500:500:Dennis Murphy:/home/dmurphy:/bin/bash


dmurphy:x:500:500:Dennis Murphy:/home/dmurphy:/bin/false

Please note that this also prevents them from using FTP - if their shell
(in this case, /bin/false) isn't listed in /etc/shells, then FTP won't

I use something a bit fancier -- I wrote a shellscript that I use as some
users' shell. Basically, their /etc/passwd entry looks like:
dmurphy:x:500:500:Dennis Murphy:/home/dmurphy:/usr/local/bin/mailshell

Here is /usr/local/bin/mailshell:

#! /bin/sh
trap exit 1 2 24
echo "******************************"
echo "* Your account is configured *"
echo "* for mail access only. You *"
echo "* may only connect using IMAP*"
echo "* services. If you feel this*"
echo "* is an error, please e-mail *"
echo "* *"
echo "******************************"
echo " -Thank you."
echo "Login attempted on mail account: $WHOAMI,`date`"|mail root


Not only does this prevent them from logging in, but it e-mails me every time they try. I also use a modified version of this for "deleted" accounts.

Please let me know if this has been of any help! Thanks!

--- Dennis Murphy

On Sun, 17 Oct 1999, Bill Colston wrote:

> I unable to discover a way to prevent certain users from telneting into > their accounts. I was hoping there was a simple way to do this, something > like the ftpusers file that can be used to prevent some users from using > ftp with their accounts. I have checked the archives and nothing seems to > cover this. > > Any help would be most apppreciated. > > Many Thanks, > > Bill > >

This archive was generated by hypermail 2a24 : Tue Nov 02 1999 - 16:20:58 MST